CVE-2024-47884

Name of the Vulnerable Software and Affected Versions foxmarks versions prior to 2.1.0

Description The issue is related to the creation of a temporary file in the /tmp directory with insecure permissions, allowing a malicious user to read confidential information from Firefox's database, including bookmarks, history, and input history. This occurs when the targeted user executes foxmarks bookmarks or foxmarks history commands.

Recommendations For versions prior to 2.1.0, update to version 2.1.0 to resolve the issue. As a temporary workaround, consider restricting access to the /tmp directory or monitoring the directory for insecure temporary files created by foxmarks.